Xref: utzoo comp.unix.wizards:7213 comp.bugs.sys5:390
Path: utzoo!mnetor!uunet!husc6!cmcl2!brl-adm!brl-smoke!gwyn
From: gwyn@brl-smoke.ARPA (Doug Gwyn )
Newsgroups: comp.unix.wizards,comp.bugs.sys5
Subject: Re: Guide to writing secure setuid programs?
Message-ID: <7476@brl-smoke.ARPA>
Date: 20 Mar 88 01:16:11 GMT
References: <181@wsccs.UUCP> <722@rivm05.UUCP> <1037@woton.UUCP> <700@virginia.acc.virginia.edu> <7616@oberon.USC.EDU> <8468@eddie.MIT.EDU> <3098@pegasus.UUCP>
Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) )
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 12
Keywords: sticky bit, directories, security

In article <3098@pegasus.UUCP> hansen@pegasus.UUCP (XT1554000-Tony L. Hansen;LZ 3B-315;6243) writes:
>This enhancement was also put into System V release 3.2. Also, the /tmp and
>/usr/tmp directories are shipped as mode 1777. This was just one of the
>modifications made in that release to make the UNIX System more secure.

How well does this work in practice? Due to the large number of
utilities that fail to properly clean up their tmp files, often the
system administrator ends up having to periodically clean out /tmp
and /usr/tmp. With this new scheme, he'll have to become superuser
to do this, unless a privileged operator-executable cleanup utility
is provided (or the system is rebooted and does this on each reboot).
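
Added example, not part of the original post: a Python model of the sticky-directory deletion rule behind the cleanup concern above, with a dry-run scan that lists stale regular files in a mode-1777 directory and says whether a given uid could remove them. The function names, the age threshold and the simplified permission model (group bits ignored; only the file owner, the directory owner or uid 0 may unlink) are assumptions.

```python
import os
import stat
import time


def may_unlink(dir_mode, dir_uid, file_uid, uid):
    """Simplified sticky-bit rule: can `uid` remove an entry from the directory?

    Assumption: group permissions are ignored, and systems that also accept
    write permission on the file itself are not modelled.
    """
    if uid == 0:
        return True  # superuser bypasses the check
    writable = bool(dir_mode & stat.S_IWOTH) or (
        uid == dir_uid and bool(dir_mode & stat.S_IWUSR))
    if not writable:
        return False
    if not dir_mode & stat.S_ISVTX:
        return True  # plain mode 777: any writer may delete anyone's file
    return uid in (file_uid, dir_uid)  # mode 1777: owners only


def stale_entries(directory, max_age_days, uid, now=None):
    """Dry run: return sorted (name, owner_uid, removable_by_uid) tuples.

    Uses lstat semantics and skips anything that is not a regular file, so
    symlinks planted in the shared directory are never followed.
    """
    now = time.time() if now is None else now
    d = os.lstat(directory)
    found = []
    with os.scandir(directory) as entries:
        for entry in entries:
            st = entry.stat(follow_symlinks=False)
            if not stat.S_ISREG(st.st_mode):
                continue
            if now - st.st_mtime < max_age_days * 86400:
                continue
            ok = may_unlink(d.st_mode, d.st_uid, st.st_uid, uid)
            found.append((entry.name, st.st_uid, ok))
    return sorted(found)


if __name__ == "__main__":
    # Report only; nothing is deleted. The 7-day threshold is an assumption.
    for name, owner, ok in stale_entries("/tmp", 7, os.getuid()):
        print(f"{name}\towner={owner}\tremovable={ok}")
```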